WO2011079530A1 - Method and apparatus for filtering information - Google Patents

Method and apparatus for filtering information


Publication number
WO2011079530A1
Authority
WO
WIPO (PCT)
Prior art keywords
sender
information
server
transmission
authentication
Application number
PCT/CN2010/070006
Other languages
French (fr)
Chinese (zh)
Inventor
刘维弋
Original Assignee
阿尔卡特朗讯
Application filed by 阿尔卡特朗讯
Priority to PCT/CN2010/070006
Priority to CN201080048136.XA (CN102598009B)
Publication of WO2011079530A1


Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication

Definitions

  • The present invention relates to communication networks, and more particularly to the screening of spam or harmful information in a communication network.
  • Background art
  • In addition, users of email often receive spam. Spam has grown tremendously with the continuous development of the Internet, to the point of being overwhelming. Initially, spam was dominated by unsolicited commercial promotional emails; now pornographic and political spam is on the rise, and the trend is still growing. Spam has also become a new and fast route for computer viruses.
  • Emails that people are not willing to receive are spam. For example:
  • Traditional spam filtering mainly uses keyword filtering, blacklist and whitelist filtering, and similar techniques.
  • Keyword filtering typically builds simple or complex word lists associated with spam in order to identify and process spam. For example, certain keywords appear in spam, such as the message headers of some viruses, such as: test. This is a simple content-filtering approach to spam, and it depends on creating a huge list of filtering keywords. Its defects are obvious: the filtering ability depends directly on the keywords, the keyword list may cause misjudgments, and the system spends more resources processing mail. Moreover, common keyword-avoidance techniques such as breaking up or regrouping words easily bypass the filter.
  • The blacklist and the whitelist hold the IP addresses or email addresses of known spammers and of trusted senders, respectively.
  • Many organizations now maintain a block list (BL), which collects IP addresses (even IP address ranges) that often send spam.
  • ISPs Internet Server Providers
  • The whitelist is the opposite of the blacklist: mail from a trusted email address or IP address is fully accepted.
  • Block list technology also has significant drawbacks: a block list cannot include every IP address, and spammers can easily send spam from different IP addresses.
  • Summary of the invention
  • The present invention proposes that such harmful information is typically transmitted automatically using software, and such software typically does not.
  • The method draws on the characteristics of the string-related information used for authentication and adopts an authentication mechanism between the sender and the receiver of the information. Verification information is provided to the sender, wherein the verification information includes related information of a set of character strings, and the set of character strings cannot be extracted from the verification information. If the information is sent by software, the sender cannot extract the string-related information and cannot pass the verification; therefore, the server
  • the sender is prevented from providing the harmful information to the receiver. If the sender is a non-malicious ordinary sender, the user can recognize the string-related information contained in the verification information, so the ordinary sender can pass the verification and thus send information to the receiver.
  • A method for processing information in a server of a communication system, wherein a sender provides transmission information to a receiver, the method comprising the steps of: determining whether verification information needs to be provided to the sender, wherein the verification information includes related information of a set of character strings, and the set of character strings cannot be extracted from the verification information; when the verification information needs to be provided to the sender,
  • the following steps are performed: providing the verification information to the sender; receiving a character string fed back from the sender; and determining whether the character string fed back by the sender conforms to a predetermined rule: when the fed-back character string does not conform to the predetermined rule, the transmission information is prevented from being provided to the receiver; when the fed-back character string conforms to the predetermined rule, the transmission information is allowed to be provided to the receiver; and when the verification information does not need to be provided to the sender, the transmission information is allowed to be provided directly to the receiver.
  • A processing apparatus for processing information in a server of a communication system, wherein a sender provides transmission information to a receiver,
  • the apparatus comprising: verification information providing determining means for determining whether verification information needs to be provided to the sender, wherein the verification information includes related information of a set of character strings, and the set of character strings cannot be extracted from the verification information; when it is required to send to the
  • the processing device further includes: providing means for providing the verification information to the sender; receiving means for receiving a character string fed back from the sender; rule judging means for determining whether the character string fed back by the sender conforms to a predetermined rule; blocking means for preventing the transmission information from being provided to the receiver when the fed-back character string does not conform to the predetermined rule; and allowing means for allowing the transmission information to be provided to the receiver when the fed-back character string conforms to the predetermined rule; the allowing means is further configured to, when it is not necessary to provide the verification
  • The spam or harmful information automatically transmitted by software can be effectively filtered on the server side, thereby preventing the terminal from receiving undesired information.
  • The service provider can also offer it to end users as a value-added service.
  • The present invention can screen out spam or harmful information before it is provided to the recipient, thereby reducing the network resources this information occupies.
  • FIG. 1 shows a topology diagram in accordance with an embodiment of the present invention.
  • FIG. 2 shows a flowchart of a system method in accordance with an embodiment of the present invention.
  • FIG. 3 shows a specific implementation in accordance with the present invention.
  • FIG. 4 shows a block diagram of a device in accordance with an embodiment of the present invention.
  • FIG. 1 shows a topology diagram in accordance with the present invention.
  • The server 1 includes an authentication mechanism for authenticating the sender by sending the authentication information.
  • Sender 2 is used to provide information to the recipient.
  • The sender 2 can be an ordinary sender, for example a user who makes a mobile phone or videophone call, establishes instant communication, sends an email, or sends a short message. These individual users are generally well-intentioned. The terminal device used by the sender can be a mobile phone, a video phone, client software installed on a mobile phone or a computer, a mail system, and the like.
  • Sender 2 may also be a malicious sender, such as calling software that lures other end users into calling back so that they incur service charges, or a virus-infected client that sends advertisements, virus links, or even fraudulent information; these senders are generally malicious. If the sender 2 passes the authentication of the authentication mechanism of the server 1, the server 1 allows the sender 2 to provide information to the receiver 3; otherwise, the server 1 prevents the sender 2 from providing information to the receiver 3.
  • FIG. 2 shows a flow chart of a system method in accordance with an embodiment of the present invention.
  • In step S10, the server 1 determines whether it is necessary to provide the verification information to the sender 2, wherein the verification information includes related information of a set of character strings, and the set of character strings cannot be extracted from the verification information.
  • The content of this judgment includes:
  • Option 1: The transmission information or a transmission request is obtained from sender 2.
  • The server 1 can start the authentication mechanism as soon as it receives the transmission information or the transmission request from the sender 2, and transmit the authentication information to the sender 2 in order to authenticate the sender 2.
  • When the sender 2 is a client that is not easy to upgrade, such as a mobile phone user or other hardware terminal, the sender 2 sends the message directly; the server 1 then immediately starts the authentication mechanism and sends the authentication information to the sender 2 in order to authenticate the sender 2.
  • This implementation suits situations where the client is not easy to upgrade, since all authentication operations can be performed on the server side.
  • This authentication start condition is also applicable to clients that are easy to upgrade.
  • The specific settings depend on the configuration information of the terminal and the server.
  • When the sender 2 is a client that is easy to upgrade, such as a software client, the sender 2 first sends signaling requesting to send information to the authentication mechanism, and only when the authentication is passed can the information be sent to the service network. For example, for a user of instant communication on a computer user terminal, the sender 2 wishes to send a message to the recipient, so the sender 2 clicks the send button, or another button or function key equivalent to the send function, such as the enter key.
  • Option 2: The address of sender 2 is not included in the addresses of senders that do not need to be detected.
  • The addresses of senders that do not need to be detected may be pre-stored in the server 1; these addresses may be provided by the receiver 3 or set by the communication system.
  • The transmission request or the transmission message includes the sender's identification information or address information.
  • The address of the sender 2 includes the email address (corresponding to a mail sender), IP address, MAC address (corresponding to a sender of data communication information), port address (corresponding to a voice call), terminal identification (including the mobile phone number, the ID of the mobile phone, etc., corresponding to a mobile phone sender), and so on.
  • The server 1 can extract the identification information or the address information from the transmission information or the transmission request.
  • When the sender's address is not included in the list of addresses that do not need to be detected, that is, in the whitelist, the server 1 needs to send the verification information to authenticate the sender 2. For example, a Lucent employee sets the mailboxes of other people in the company as mailboxes that do not need to be detected, for example by setting "*@alcatel-lucent.com" as not needing detection; then, when server 1 finds mail sent from an address that does not have the alcatel-lucent.com suffix, the server 1 sends the authentication information to the sender of the mail.
  • When the sender 2 of the received transmission request or transmission information does not belong to these network segments that do not require authentication, the server 1 transmits the authentication information to these senders 2.
  • In step S16, the server 1 allows the transmission information to be directly supplied to the recipient.
  • A Lucent employee sets the mailboxes of the rest of the company as mailboxes that do not need to be detected, for example by setting "*@alcatel-lucent.com" as not needing detection; then, when server 1 finds a mail address with the @alcatel-lucent.com suffix, the server 1 allows the sending information to be directly provided to the receiver 3. As another example, for users of voice calls, the users of the network segment of a certain subnet do not need to be authenticated.
  • When the sender 2 of the transmission request or transmission information received by the server 1 belongs to these network segments that do not require authentication, then in step S16 the server 1 allows the transmission information to be directly provided to the recipient 3.
  • Option 3: The number of times the sender 2 sends the transmission information or the transmission request within a predetermined time period exceeds a predetermined threshold.
  • User A and User B are friends who have already been authenticated. After user A's client is infected with a virus, user A's client (i.e., the sender) covertly sends the virus link to user A's other friends.
  • The authentication mechanism of the server 1 detects the abnormal behavior of user A transmitting a large amount of information in a short time; that is, the server 1 detects that the number of times the sender sends the transmission information or the transmission request within a predetermined time period is greater than a predetermined threshold.
  • The server 1 judges that it is necessary to transmit the authentication information to the sender, that is, user A.
  • The "predetermined time period" and "predetermined threshold" may be set by the server 1 or the recipient 3 depending on factors such as the configuration of the system and the needs of the user.
  • Server 1 allows the sending information to be directly provided to User B, that is, Receiver 3.
  • In step S11, the server 1 provides the verification information to the sender.
  • The verification information includes related information of a set of character strings. The related information of the set of character strings includes image data that displays the set of character strings, and/or audio data that reads out the set of character strings, and/or character strings that are displayed at different locations on a touch screen.
  • The server 1 displays the authentication information by having it appear on the display screen of the sender 2 or by popping up a window.
  • the sender 2 (i.e., the calling party)
  • the sender 2 wants to connect to other terminal users (i.e., the recipient 3) through the voice network
  • the sender 2, for example the malware, sends the connection
  • The authentication mechanism of the server 1 transmits the authentication request information to the sender 2 that issued the connection request, and requests the client of the sender 2 to return the authentication information.
  • A picture is displayed on the mobile phone or videophone, and the sender 2 enters the authentication information as required and confirms it.
  • The server 1 in the switch may also provide authentication information to the calling party 2; the authentication information includes audio data that reads out a set of character strings. For example, the voice platform plays a recording that reads the "14567" string.
  • The sender 2 feeds back the corresponding character string according to a predetermined rule defined by the server 1 or the receiver 2. For example, suppose the server 1 displays the authentication information shown in FIG. 3 to the sender 2, and the predetermined rule is that the server 1 requests the sender 2 to feed back all the characters displayed in the picture, in the order in which the letters or numbers are displayed. The sender 2 then feeds back the corresponding numbers and letters to the server 1 according to the predetermined rule; in the example shown in FIG. 3, the sender 2 feeds back the numbers and letters 16th thigh. To further improve the security of the verification and to prevent fraud and brute-force attempts, the difficulty of the feedback may be further increased.
  • The predetermined rule is that the server 1 requests the sender 2 to feed back specified content.
  • The predetermined rule requests the sender 2 to feed back the second and fourth digits or letters of the numbers or letters displayed in the picture; still in the example of FIG. 3, the sender 2 inputs 6 h; or the sixth digit or letter
  • the sender 2 enters 16th tigh; or the rule requests the sender 2 to feed back the numbers or letters in the reverse order of the displayed numbers or letters, in which case the feedback hgiht ht61 is given.
  • the predetermined rules and the like are given.
  • The characters are distorted, and the numbers or letters in the picture do not follow any fixed rule.
  • The numbers or letters are composed of pixels.
  • The numbers, letters and other characters in the picture consist of pixels of different colors and cannot be extracted.
  • Computer software has difficulty recognizing data that cannot be extracted and is irregular. Software recognition is usually non-intelligent, and irregular problems are difficult to program in a conventional programming language. Artificial intelligence is still not mature enough for image analysis; even if a very complicated algorithm and computing equipment were used to calculate the result, the cost would outweigh the gain. Therefore, the server 1 can use this authentication method to identify senders that use software to send information and prevent them from providing information to the receiver 3.
  • The sender 2 using a fixed telephone inputs the authentication information through the telephone keypad according to a predetermined rule. For example, if the voice platform plays a recording of the character string "14567", and the predetermined rule is that the server 1 requests the sender 2 to feed back all the characters in the order in which they are read out in the audio, the sender should input 14567 through the keypad.
  • The authentication information may also include information, set by the receiver 3, that relates to attributes of the receiver 3, for example some simple questions about the gender of the recipient, the organization they belong to, and so on. Information related to the attributes of the recipient 3 can likewise identify senders that use software to send information and prevent them from providing information to the receiver 3.
  • The server 1 receives the character string fed back from the sender 2.
  • When the predetermined rule is that the server 1 requests the sender 2 to feed back all the characters displayed in the picture in the order of the letters or numbers displayed in the picture,
  • the sender 2 enters 16th thigh in that order;
  • if sender 2 is malware, the sender 2 cannot correctly extract the string information, so the sender 2 may feed back a random string of characters or be unable to respond.
  • In step S13, the server 1 determines whether the character string fed back by the sender 2 conforms to the predetermined rule. Still taking FIG. 3 as an example, when the predetermined rule is that the server 1 requests the sender 2 to feed back all the characters displayed in the picture in the order of the letters or numbers displayed, and the character string fed back by the sender 2 does not conform to the predetermined rule, the method proceeds to step S14 and the server 1 prevents the transmission information from being provided to the receiver; that is, the server 1 determines that the sender is sending by means of automatic software.
  • The content sent is likely to contain advertisements, fraud, and other spam or harmful information, so the information is prevented from being provided to the receiver, protecting the recipient from being infected or defrauded.
  • If the authentication mechanism of the server 1 waits until a timeout without receiving the string-related information fed back by the sender 2, the server 1 considers that the sender is likely to be malware, because malware usually cannot recognize the authentication information, so the sender 2 does not pass the authentication. The authentication mechanism of the server 1 then rejects the connection request of the malware. The malware cannot ring other end users, so the authentication mechanism of the server 1 prevents malicious software from initiating malicious ringing on the voice network. Of course, this screening of voice-call users applies equally to data communication, such as instant messaging and mail users.
  • The authentication mechanism of the server 1 sends the authentication picture to user A's client. Since user A's client cannot automatically recognize the authentication information, the authentication ultimately fails, and the authentication mechanism of the server 1 prevents user A's client from sending information containing the virus link to the friend, user B. In addition, the server 1 can further increase the frequency of authentication for information sent by user A. After multiple authentication failures, the authentication mechanism of the server 1 authenticates every request to send information from user A's client, thereby preventing user A's client from transmitting the virus link to other users.
  • The server 1 judges that the sender 2 has passed the authentication, and the method proceeds to step S15, in which the server 1 allows the transmission information to be provided to the receiver 3.
  • FIG. 4 shows a block diagram of a device in accordance with one embodiment of the present invention.
  • The processing device 10 is located in the server 1.
  • The processing device 10 includes a verification information providing judging device 100, a providing device 101, a receiving device 102, a compliance judging device 103, a blocking device 104, and an enabling device 105.
  • The verification information providing judging means 100 judges whether it is necessary to provide the verification information to the sender 2, wherein the verification information includes related information of a set of character strings, and the set of character strings cannot be extracted from the verification information.
  • The content of this judgment includes:
  • Option 4: The transmission information or a transmission request is obtained from sender 2.
  • The verification information providing determination means 100 can determine that the authentication mechanism needs to be activated as soon as the transmission information or the transmission request is obtained from the sender 2, and the authentication information is transmitted to the sender 2 in order to authenticate the sender 2.
  • When the sender 2 is a client that is not easy to upgrade, such as a mobile phone user or other hardware terminal, the sender 2 sends the message directly; the server 1 then immediately starts the authentication mechanism and sends the authentication information to the sender 2 in order to authenticate the sender 2.
  • This implementation suits situations where the client is not easy to upgrade, since all authentication operations can be performed on the server side.
  • This authentication start condition is also applicable to clients that are easy to upgrade.
  • The specific settings depend on the configuration information of the terminal and the server.
  • When the sender 2 is a client that is easy to upgrade, such as a software client, the sender 2 first sends signaling requesting to send information to the authentication mechanism, and only when the authentication is passed can the information be sent to the service network. For example, for a user of instant communication on a computer user terminal, the sender 2 wants to send a message to the receiver, so the sender 2 clicks the send button, or another button or function key equivalent to the send function, such as the enter key. If the opposite side of sender 2, that is, the receiver 3, is configured to require the sender 2 to be authenticated, then the transmission information that the sender 2 asked to send does not reach the server 1 at this point; what actually reaches the server 1 is the transmission request of the sender 2, and once the server 1 receives the transmission request, the authentication information is immediately provided to the sender.
  • Authenticating the sending request from the sender's client, rather than the sent information itself, is fast and gives a good user experience. If the authentication fails, the server's authentication mechanism prevents the information from being sent, which keeps a malicious user from wasting network resources by sending information.
  • Option 5: The address of sender 2 is not included in the addresses of senders that do not need to be detected.
  • The addresses of senders that do not need to be detected may be pre-stored in the server 1; these addresses may be provided by the receiver 3 or set by the communication system.
  • The transmission request or the transmission message includes the sender's identification information or address information.
  • The address of the sender 2 includes the email address (corresponding to a mail sender), IP address, MAC address (corresponding to a sender of data communication information), port address (corresponding to a voice call), terminal identification (including the mobile phone number, the ID of the mobile phone, etc., corresponding to a mobile phone sender), and so on.
  • The server 1 can extract the identification information or the address information from the transmission information or the transmission request.
  • The verification information providing judgment means 100 judges that the verification information needs to be transmitted in order to verify the sender 2. For example, a Lucent employee sets the mailboxes of other people in the company as mailboxes that do not need to be detected, for example by setting "*@alcatel-lucent.com" as not needing detection; then, when the verification information providing judgment means 100 finds mail sent from an address that does not have the @alcatel-lucent.com suffix, the server 1 sends the authentication information to the sender of the mail. As another example, for users of voice calls, the users of the network segment of a certain subnet do not need to be authenticated. Then, when the sender 2 of the transmission request or transmission information received by the verification information providing determination means 100 does not belong to the network segments that do not require authentication, the verification information providing determination means 100 determines that it is necessary to transmit the authentication information to these senders 2.
  • If the verification information providing determination means 100 determines that it is not necessary to provide the verification information to the sender 2, the server 1 allows the transmission information to be directly provided to the recipient.
  • A Lucent employee sets the mailboxes of the rest of the company as mailboxes that do not need to be detected.
  • When server 1 finds a mail address with the @alcatel-lucent.com suffix, the server 1 allows the sending information to be directly provided to the receiver 3.
  • For users of voice calls, the users of the network segments of some subnets may be set as not requiring authentication; the server 1 then allows the transmission information to be directly provided to the receiver 3 when the sender 2 of the transmission request or transmission information received by the server 1 belongs to a network segment that does not require authentication.
  • Option 6: The number of times the sender 2 sends the transmission information or the transmission request within a predetermined time period exceeds a predetermined threshold.
  • The authentication mechanism of the server 1 detects the abnormal behavior of user A transmitting a large amount of information in a short time; that is, the server 1 detects that the number of times the sender sends the transmission information or the transmission request within a predetermined time period is greater than a predetermined threshold. The verification information providing judgment means 100 then judges that it is necessary to transmit the authentication information to the sender, that is, user A.
  • The "predetermined time period" and "predetermined threshold" may be set by the server 1 or the recipient 3 depending on factors such as the configuration of the system and the needs of the user.
  • If the server 1 does not detect any abnormal sending of messages by user A, the verification information providing determination device 100 determines that it is not necessary to provide the authentication information to the sender 2, and the enabling device 105 then allows the transmission information to be provided directly to User B, that is, Receiver 3.
  • the providing means 101 supplies the verification information to the sender.
  • the verification information includes related information of a set of character strings, the related information of the set of character strings includes image data, the image data displays a set of character strings, and/or the related information of the set of character strings includes audio data, The audio data reads out the set of strings, and/or the associated information of the string includes strings that are displayed at different locations on the touch screen.
  • the authentication information is randomly generated by the server and transmitted to the sender client, to enhance the security and reliability of authentication.
  • the providing device 101 displays the authentication information by displaying a dialog box on the display screen of the sender 2 or by popping up a window.
  • the sender 2 ie, the calling party
  • the sender 2 wants to connect to other terminal users (ie, the recipient 3) through the voice network
  • the sender 2 for example, the malware sends the connection
  • the authentication mechanism of the server 1 provides the authentication request information to the sender 2 that issued the connection request, and requests the client of the sender 2 to return the authentication information.
  • a picture will be displayed on the mobile phone or videophone, and the sender 2 will enter the authentication information as required and confirm it.
  • the providing device 101 for example, in the switch
  • the voice platform in the server 1 may also provide authentication information to the calling party 2, the authentication information including audio data, which reads the authentication information of a set of strings.
  • the voice platform plays a recording that reads the "14567" character string.
  • the sender 2 feeds back the corresponding character string according to a predetermined rule defined by the server 1 or the receiver 2. For example, if the server 1 displays the authentication information shown in FIG. 3 to the sender 2, and the predetermined rule is that the server 1 requests the sender 2 to feed back all the characters displayed in the picture, in the order in which the letters or numbers appear, then the sender 2 feeds back the corresponding numbers or letters to the server 1 according to that rule. In the example shown in FIG. 3, the sender 2 feeds back the numbers and letters 16th thigh. To further improve the security of the verification and to prevent fraud and brute-force cracking, the difficulty of the feedback may be further increased.
  • the predetermined rule is that the server 1 requests the sender 1 to feed back the specified content
  • the predetermined rule is a request.
  • the sender 2 feeds back the second and fourth of the digits or letters displayed in the picture; still in the example of FIG. 3, the sender 2 inputs 6 h; or the sixth digit or letter
  • the sender 2 enters the letters 16th tigh, or feeds back the numbers or letters in the reverse order of the displayed numbers or letters.
  • the feedback hgiht ht61 is given.
  • the predetermined rule may further include requiring the sender 2 to feed back the numbers or letters that are missing from a numerical or alphabetical sequence, etc.
  • the characters are distorted, and the numbers or letters in the picture do not follow a certain rule.
  • the numbers or letters are composed of pixels.
  • the numbers or letters and the other content in the picture consist of pixels of different colors and cannot be extracted.
  • Computer software has difficulty recognizing data that cannot be extracted and is irregular. Because software recognition is usually non-intelligent, irregular problems are hard to handle in an ordinary programming language, and artificial intelligence is still not mature enough for image analysis. That is, even using a very complicated algorithm and computing equipment to calculate the result, the cost is not worth the gain. Therefore, the server 1 can use this authentication method to identify senders that use software to send information and prevent them from providing information to the receiver 3.
  • the sender 2 on a fixed telephone inputs the authentication information through the telephone keypad according to a predetermined rule. For example, if the voice platform plays a recording that reads out the character string "14567", and the predetermined rule is that the server 1 requests the sender 2 to return all the characters in the order in which the audio reads them out, the sender should input 14567 through the keypad.
  • the authentication information may also include information related to attributes of the receiver 3, set by the receiver 3, for example some simple questions about the receiver's gender, the organization the receiver belongs to, and so on. Information related to the attributes of the receiver 3 can likewise identify senders that use software to send information and prevent them from providing information to the receiver 3.
  • the receiving device 102 receives the character string fed back from the sender 2.
  • the predetermined rule is that the server 1 requests the sender 2 to sequentially feed back all the characters displayed in the picture according to the alphabet or number displayed in the picture.
  • the sender 2 is an ordinary individual user, the sender 2 inputs 16th thigh in that order;
  • sender 2 is malware, the sender 2 cannot correctly extract the string information, so the sender 2 may randomly feed back a string of characters or cannot respond.
  • the matching rule judging means 103 judges whether the character string fed back by the sender 2 conforms to the predetermined rule: Still taking FIG. 3 as an example, when the predetermined rule is that the server 1 requests the sender 2 to follow the order of letters or numbers displayed in the picture.
  • the blocking means 104 prevents the transmission information from being supplied to the receiver; that is, the server 1 judges that the sender is sending by means of automatic software and that the content it sends is likely to contain spam, advertisements, fraud or other junk or hazard information, so the authentication fails, and the blocking means 104 prevents this information from being provided to the receiver, protecting the receiver from infection or from being tricked.
  • the authentication mechanism of the server 1 waits until a timeout without receiving the character string fed back by the sender 2, the compliance rule determining means 103 considers that the sender is likely to be malware, because malware usually cannot recognize the authentication information, so the sender 2 does not pass the authentication. The authentication mechanism of the server 1 then rejects the connection request of the malware. The malware also fails to ring other end users, so the blocking device 104 blocks malware from initiating malicious ringing on the voice network. Of course, this applies not only to users of voice calls but equally to data communication, such as users of instant messaging and mail.
  • the providing device 101 sends the authentication picture to user A's client. Since user A's client cannot automatically identify the authentication information, the compliance rule determining device 103 determines that the final authentication fails.
  • the blocking device 104 prevents user A's client from transmitting the information containing the virus link to the friend, user B.
  • the server 1 can further increase the authentication frequency for information transmitted by user A. After multiple authentication failures, the authentication mechanism of the server 1 will authenticate each request sent by user A's client, thereby preventing user A's client from sending virus links to other users.
  • the server 1 judges that the sender 2 passes the authentication, and the allowing device 105 allows the transmission information to be supplied to the receiver 3.
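
The rule check, the timeout and the handling of repeated failures described in the items above, as an added Python sketch that is not code from the patent. The class, function and rule names, the alphabet and the default timeout and failure limits are assumptions, and rendering the random string as a distorted picture or as audio is outside the sketch.

```python
import hmac
import secrets

# Constructed alphabet for this sketch; look-alike characters are left out.
ALPHABET = "abcdefghjkmnpqrstuvwxyz23456789"


def expected_answer(shown, rule):
    """Apply a predetermined rule to the characters shown in the challenge."""
    kind, arg = rule
    if kind == "in-order":                  # feed back everything as displayed
        return shown
    if kind == "reverse":                   # feed back in reverse order
        return shown[::-1]
    if kind == "positions":                 # 1-based, e.g. the 2nd and 4th
        return "".join(shown[i - 1] for i in arg)
    raise ValueError(f"unknown rule {kind!r}")


def random_rule(length):
    """Pick a rule at random so the required feedback is not predictable."""
    kind = secrets.choice(["in-order", "reverse", "positions"])
    if kind != "positions":
        return (kind, None)
    first = secrets.randbelow(length - 1) + 1                # 1 .. length-1
    second = first + 1 + secrets.randbelow(length - first)   # first+1 .. length
    return ("positions", (first, second))


class ChallengeVerifier:
    """Server-side state for issuing challenges and judging the feedback."""

    def __init__(self, timeout_seconds=60.0, max_failures=3, length=8):
        self.timeout_seconds = timeout_seconds
        self.max_failures = max_failures
        self.length = length
        self._pending = {}     # sender -> (expected string, deadline)
        self._failures = {}    # sender -> failed or timed-out attempts

    def issue(self, sender, now, rule=None):
        """Generate a fresh random string; return what to render and the rule."""
        shown = "".join(secrets.choice(ALPHABET) for _ in range(self.length))
        rule = rule or random_rule(self.length)
        deadline = now + self.timeout_seconds
        self._pending[sender] = (expected_answer(shown, rule), deadline)
        return shown, rule

    def _fail(self, sender):
        self._failures[sender] = self._failures.get(sender, 0) + 1
        return "block"

    def verify(self, sender, response, now):
        """Return "allow" or "block" for the string fed back by the sender."""
        pending = self._pending.pop(sender, None)   # each challenge is single-use
        if pending is None:
            return self._fail(sender)
        expected, deadline = pending
        if now > deadline:                          # feedback arrived too late
            return self._fail(sender)
        # Constant-time comparison of the feedback with the expected string.
        ok = hmac.compare_digest(response.strip().encode(), expected.encode())
        return "allow" if ok else self._fail(sender)

    def reap(self, now):
        """Fail every challenge that timed out without any feedback at all."""
        late = [s for s, (_, deadline) in self._pending.items() if now > deadline]
        for sender in late:
            del self._pending[sender]
            self._fail(sender)
        return late

    def challenge_every_request(self, sender):
        """After repeated failures, every request from this sender is checked.

        Assumption of this sketch: a later success does not reset the count.
        """
        return self._failures.get(sender, 0) >= self.max_failures
```
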


Abstract

In view of the limitations of information filtering and processing in existing networks, the present invention provides a method and an apparatus for filtering information. The method exploits the fact that harmful information is commonly sent automatically by software, and that such software usually cannot extract the character-string information used for authentication. It adopts an authentication mechanism between the information sender and the receiver and provides authentication information to the information sender, the authentication information comprising information related to a set of character strings that cannot be extracted from the authentication information. If the information sender sends the information by software, it fails the authentication because it cannot extract the character-string information, and a server therefore prevents the sender from transmitting the harmful information to the receiver. If the information sender is a normal, non-malicious sender, it can identify the character-string information included in the authentication information, passes the authentication, and thus sends the information to the receiver.

Description

Method and device for screening information

Technical field

The present invention relates to communication networks, and more particularly to the screening of junk or harmful information in a communication network.

Background

Mobile phone users often receive unsolicited spam text messages. As enforcement against them has intensified, many new variants of spam messages have recently appeared that evade operators' blocking programs. Operators and many mobile phone users now set up keyword blocking, for words such as invoices, villas and eavesdropping. Spam senders alter these words slightly, and the advertising messages are then no longer blocked.
There are two main ways of altering them. The first is to substitute homophones or pinyin, for example 发 piao, 走斯 (which should be '私') and 优汇 (which should be '惠'). The second is to insert symbols in the middle of keywords, as in "大庭Λ院高尔夫别Λ墅现"房"开盘". In addition, methods such as writing a mobile phone number as a mixture of words and digits also appear frequently. As a result, existing keyword filtering for mobile phone text messages can no longer work very effectively.
Besides junk or harmful text messages, mobile and fixed-line telephone users also receive advertising or fraudulent calls. What these calls have in common is that malware sends the call request to the user and, once the call is connected, automatically plays a voice message to the user, for example a notice that the user has received a court summons and must pay litigation fees. A user who is not vigilant may well be deceived and suffer financial loss.
In addition, e-mail users frequently receive spam. Spam has grown enormously with the continuous development of the Internet and can fairly be described as overwhelming. At first, spam consisted mainly of unsolicited commercial promotional e-mail; now spam relating to pornography and politics keeps increasing, and the trend is still upward. Spam has also become a new and fast channel for spreading computer viruses.
To some extent, spam can be defined as any e-mail that people have no wish to receive. For example:
- Commercial advertising. Many companies use e-mail to promote new products, new activities and so on.
- Political speech. Many e-mails of this kind are currently received from other countries or reactionary organizations; like junk commercial advertising, they peddle their so-called views.
- Worm and virus mail. More and more viruses spread rapidly through e-mail, which is indeed a fast and effective channel of propagation.
- Malicious mail: intimidating or deceptive mail. This is e-mail that imitates a web page, purely a trick to cheat users out of their personal information, account numbers and even credit cards.
Traditional spam filtering (that is, screening) mainly uses keyword filtering, blacklist and whitelist filtering, and so on.
Keyword filtering typically builds simple or complex word lists associated with spam in order to identify and handle it. Certain keywords appear in spam in large numbers, such as the subject lines of some virus mail, for example: test. This is a simple form of content filtering, and it depends on building a very large list of filter keywords. The shortcomings of the technique are obvious: filtering ability is tied directly to the keywords, the keyword list can also produce a relatively high rate of false positives, and a system that handles mail this way consumes comparatively more system resources. Moreover, common keyword-evasion techniques such as splitting words and recombining words bypass the filter easily.
A blacklist and a whitelist are, respectively, the IP addresses or mail addresses of known spammers and of trusted senders. Many organizations now maintain block lists (Block List, BL), collecting the IP addresses (or even IP address ranges) that frequently send spam. Many Internet service providers (ISPs) use the block lists of such organizations to refuse spam. A whitelist is the opposite of a blacklist: mail from trusted mail addresses or IP addresses is accepted outright. Block list technology also has obvious shortcomings, because a block list cannot contain every IP address and spammers can easily send spam from different IP addresses.

Summary of the invention

In view of the limitations of the ways in which information is screened and handled in existing networks, the present invention exploits the fact that such harmful information is generally sent automatically by software, and that such software usually cannot extract the character-string information used for authentication. It adopts an authentication mechanism between the information sender and the receiver and provides verification information to the information sender, where the verification information includes information related to a set of character strings that cannot be extracted from the verification information. If the information sender is sending by software, it cannot extract the character-string information and so cannot pass verification, and the server therefore prevents the sender from providing the harmful information to the receiver. If the information sender is an ordinary, non-malicious sender, that user can recognize the character-string information contained in the verification information, so the ordinary sender passes verification and the information is sent to the receiver.
According to a first aspect of the present invention, there is provided a method for processing information in a server of a communication system, wherein a sender provides transmission information to a receiver, the method comprising the following steps:
- determining whether verification information needs to be provided to the sender, wherein the verification information includes information related to a set of character strings, and the set of character strings cannot be extracted from the verification information;
- when the verification information needs to be provided to the sender, performing the following steps: providing the verification information to the sender; receiving the character string fed back by the sender; determining whether the character string fed back by the sender conforms to a predetermined rule; when the fed-back character string does not conform to the predetermined rule, preventing the transmission information from being provided to the receiver; when the fed-back character string conforms to the predetermined rule, allowing the transmission information to be provided to the receiver;
- when the verification information does not need to be provided to the sender, allowing the transmission information to be provided directly to the receiver.
According to a second aspect of the present invention, there is provided a processing apparatus for processing information in a server of a communication system, wherein a sender provides transmission information to a receiver, the apparatus comprising: verification information providing judgment means, for determining whether verification information needs to be provided to the sender, wherein the verification information includes information related to a set of character strings, and the set of character strings cannot be extracted from the verification information. When the verification information needs to be provided to the sender, the processing apparatus further comprises: providing means, for providing the verification information to the sender; receiving means, for receiving the character string fed back by the sender; rule-compliance judging means, for determining whether the character string fed back by the sender conforms to a predetermined rule; blocking means, for preventing the transmission information from being provided to the receiver when the fed-back character string does not conform to the predetermined rule; and allowing means, for allowing the transmission information to be provided to the receiver when the fed-back character string conforms to the predetermined rule. The allowing means is further used to allow the transmission information to be provided directly to the receiver when the verification information does not need to be provided to the sender.
With the technical solution of the present invention, junk or harmful information sent automatically by software can be filtered effectively at the server side, so that terminals do not receive this unwanted information. Service providers can also offer it to end users as a value-added service. Preferably, the invention can screen out junk or harmful information before it has been provided to the receiver, relieving the consumption of network resources by such information.

Brief description of the drawings

The above and other features, objects and advantages of the present invention will become more apparent on reading the detailed description of non-limiting embodiments given with reference to the following drawings:
FIG. 1 shows a topology diagram according to a specific embodiment of the present invention;
FIG. 2 shows a flowchart of a system method according to a specific embodiment of the present invention;
FIG. 3 shows a schematic diagram of authentication information in picture format according to a specific embodiment of the present invention;
FIG. 4 shows a block diagram of an apparatus according to a specific embodiment of the present invention.
In the drawings, identical or similar reference signs denote identical or similar components.

Detailed description

FIG. 1 shows a topology diagram according to the present invention. The server 1 contains an authentication mechanism for authenticating the sender by sending authentication information. The sender 2 provides information to the receiver. The sender 2 may be an ordinary sender, for example an individual user who places a mobile or video call, sets up instant messaging, sends mail or sends a short message; such individual users are generally well-intentioned. The terminal equipment used by a sender may accordingly be a mobile phone, a videophone, client software installed on a mobile phone or computer, a mail system, and so on. Some software may also act as the sender 2, for example calling software that lures other end users into calling back so that they incur service charges, or a client infected by a virus; the information sent by such software users, for example advertisements, links containing viruses or even fraudulent messages, is generally malicious. If the sender 2 passes authentication by the authentication mechanism of the server 1, the server 1 allows the sender 2 to provide the information to the receiver 3; otherwise, the server 1 prevents the sender 2 from providing the information to the receiver 3.
A flowchart of a method according to a specific embodiment of the present invention is described in detail below with reference to FIG. 1 in combination with FIG. 2. FIG. 2 shows a flowchart of a system method according to a specific embodiment of the present invention.
First, in step S10, the server 1 determines whether verification information needs to be provided to the sender 2, where the verification information includes information related to a set of character strings that cannot be extracted from the verification information.
The determination covers the following:
Solution 1: Transmission information or a transmission request from the sender 2 has been obtained
The server 1 may start the authentication mechanism as soon as it receives transmission information or a transmission request from the sender 2, sending authentication information to the sender 2 in order to authenticate the sender 2.
i) For example, where the sender 2 is a client that is not easy to upgrade, such as a mobile phone user or another hardware terminal, the sender 2 sends the transmission information directly; the server 1 then immediately starts the authentication mechanism and sends authentication information to the sender 2 in order to authenticate it. This arrangement suits the case where the client is not easy to upgrade, since all authentication operations can be completed at the server 1. This trigger condition applies equally to clients that are easy to upgrade; the specific setting depends on the configuration of the terminal and the server.
ii) Where the sender 2 is a client that is easy to upgrade, such as a software client, the sender 2 first sends signaling requesting to send information to the authentication mechanism, and the information can be sent into the service network only after authentication has passed. For example, a user of instant messaging on a computer terminal, the sender 2, wishes to send a message to the receiver, and so clicks the send button or presses another key or function key equivalent to sending, such as the Enter key. If the counterpart of the sender 2, that is, the receiver 3, is configured to require that the sender 2 be authenticated, then at this point the transmission information that the sender 2 asked to send has not reached the server 1; what actually reaches the server 1 is the transmission request of the sender 2, and on receiving it the server 1 immediately provides the authentication information to the sender. Authenticating the transmission request from the sender's client, rather than the transmission information, gives a fast response and a good user experience; if authentication fails, the server's authentication mechanism stops the information from being sent, which prevents malicious users from wasting network resources by sending information.
Solution 2: The address of the sender 2 is not included among the addresses of senders that do not need to be checked
The server 1 may pre-store the addresses of senders that do not need to be checked, that is, a whitelist; these addresses may be provided by the receiver 3 or set by the communication system. After the server 1 obtains a transmission request or transmission message from the receiver 2, that request or message generally contains the sender's identification or address information. The address of the sender 2 includes a mail address (for a mail sender), an IP address or MAC address (for a sender of data communication), a port address (for a voice call), a terminal identifier (including a mobile phone number, a handset ID and so on, for senders such as mobile phones), and the like; the server 1 can extract this identification or address information from the transmission information or the transmission request. When the sender's address is not in the list of addresses that need no checking, that is, the whitelist, the server 1 needs to send verification information to verify the sender 2. For example, a Lucent employee sets the mailboxes of other people in the company as mailboxes that need no checking, for example by setting "*@alcatel-lucent.com" as not requiring checking; when the server 1 finds a mail address that does not have the @alcatel-lucent.com suffix, it sends verification information to the sender of that mail. As another example, a user of voice calls may set that users in the network segments of certain subnets do not need to be authenticated; when the sender 2 of a transmission request or of transmission information received by the server 1 does not belong to one of these network segments, the server 1 sends authentication information to that sender 2.
Otherwise, the method proceeds to step S16, in which the server 1 allows the transmission information to be provided directly to the receiver. For example, a Lucent employee sets the mailboxes of other people in the company as mailboxes that need no checking, for example by setting "*@alcatel-lucent.com" as not requiring checking; when the server 1 finds a mail address with the @alcatel-lucent.com suffix, it allows the transmission information to be provided directly to the receiver 3. As another example, a user of voice calls may set that users in the network segments of certain subnets do not need to be authenticated; when the sender 2 of a transmission request or of transmission information received by the server 1 belongs to one of these network segments, the server 1 allows the transmission information to be provided directly to the receiver 3. Those skilled in the art will understand that the numbering of step S16 here is only for convenience of explanation. In fact, after the determination of step S10, the method proceeds either to step S11 or to step S16.
Scheme 3: The number of times the sender 2 sends the transmission information or the transmission request within a predetermined time period is greater than a predetermined threshold
Instant-messaging users are taken as an example. User A and user B are friends who have already been authenticated. After user A's client is infected with a virus, user A's client (that is, the sender) covertly sends a virus link to user A's other friends. At this point, the authentication mechanism of server 1 detects the abnormal behavior of user A sending a large amount of information in a short time; that is, server 1 detects that the number of times the sender sends the transmission information or the transmission request within a predetermined time period is greater than a predetermined threshold. Server 1 then judges that authentication information needs to be sent to the sender, that is, user A. Those skilled in the art will appreciate that the "predetermined time period" and the "predetermined threshold" may be set by server 1 or by the recipient 3 according to factors such as the configuration of the system and the needs of the user.
Otherwise, for example, if user A and user B are friends who have already been authenticated and server 1 has not detected any abnormality in user A's sending of messages, server 1 allows the transmission information to be provided directly to user B, that is, the recipient 3.
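The step S10 decision for the exempt-address and send-rate conditions described above, as an added Python sketch that is not code from the patent. The class and method names, the 60-second window and the choice to let a burst override the exempt list are assumptions of this example.

```python
import fnmatch
import ipaddress
from collections import defaultdict, deque


class ChallengePolicy:
    """Step S10: decide whether a sender must be challenged (S11) or its
    message may go straight to the recipient (S16)."""

    def __init__(self, exempt_mail_patterns, exempt_subnets, window_seconds, threshold):
        self.mail_patterns = [p.lower() for p in exempt_mail_patterns]
        self.subnets = [ipaddress.ip_network(n) for n in exempt_subnets]
        self.window = window_seconds      # the "predetermined time period"
        self.threshold = threshold        # the "predetermined threshold"
        self._sent = defaultdict(deque)   # sender -> timestamps of recent sends

    def is_exempt(self, sender):
        """True if the sender's address is on the no-detection list."""
        sender = sender.strip().lower()
        if "@" in sender:
            # fnmatchcase matches the whole string, so "*@alcatel-lucent.com"
            # does not accept "x@alcatel-lucent.com.example.net".
            return any(fnmatch.fnmatchcase(sender, p) for p in self.mail_patterns)
        try:
            ip = ipaddress.ip_address(sender)
        except ValueError:
            return False                  # unparseable address: not exempt
        return any(ip in net for net in self.subnets)

    def over_threshold(self, sender, now):
        """Record one send at time `now`; True if the count inside the
        sliding window is greater than the threshold."""
        sends = self._sent[sender]
        sends.append(now)
        while sends and sends[0] <= now - self.window:
            sends.popleft()
        return len(sends) > self.threshold

    def decide(self, sender, now):
        """Return ("challenge", reason) or ("direct", reason)."""
        key = sender.strip().lower()
        # Assumption of this example: a burst overrides the exempt list, so a
        # trusted but infected client is still challenged.
        if self.over_threshold(key, now):
            return ("challenge", "send rate above threshold")
        if not self.is_exempt(key):
            return ("challenge", "address not on exempt list")
        return ("direct", "exempt address, normal rate")


if __name__ == "__main__":
    # Constructed sample senders and timestamps (seconds).
    policy = ChallengePolicy(["*@alcatel-lucent.com"], ["10.20.0.0/16"], 60, 3)
    for t in (100, 101, 102, 103):
        print(t, policy.decide("bob@alcatel-lucent.com", t))
```

The exemption trusts whatever address the request carries, so it is only as reliable as the way that address was established.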
When server 1 needs to provide verification information to the sender 2, the method proceeds to step S11, in which server 1 provides the verification information to the sender.
The verification information includes information related to a set of character strings. The information related to the set of character strings includes picture data that displays the set of character strings, and/or audio data that reads out the set of character strings, and/or character strings displayed at different positions on a touch screen.
When the sender 2, as a PC user, clicks the send button or another key or function key equivalent to the send function, server 1 displays the authentication information by means of a dialog box or pop-up window that appears on the display screen of the sender 2.
In another embodiment, the sender 2 (that is, the calling party) of a mobile-phone or video call wants to connect to another end user (that is, the recipient 3) through the voice network. When the sender 2, for example malware, sends a request to connect to the recipient 3, the authentication mechanism of server 1 sends authentication request information to the sender 2 that issued the connection request and requires the client of the sender 2 to return authentication information. A picture is then displayed on the mobile phone or videophone, and the sender 2 must enter the authentication information as required and confirm it.
In addition, for the calling party of a fixed telephone, that is, the sender 2, when it wishes to provide information to the called party, that is, the recipient 3, via a switch or router, for example by sending a call request, the voice platform in server 1 in the switch may also provide authentication information to the calling party 2. The authentication information includes audio data, and the audio data reads out the authentication information of a set of character strings. For example, the voice platform plays a recording that reads out the string "14567".
Then the sender 2 feeds back the corresponding character string according to a predetermined rule defined by server 1 or the recipient 2. For example, if server 1 displays to the sender 2 the authentication information shown in FIG. 3, and the predetermined rule is that server 1 requires the sender 2 to feed back, in order, all of the characters displayed in the picture, following the order of the letters or digits shown, then, according to that rule, the sender 2 feeds back the corresponding digits or letters to server 1; in the example of FIG. 3, the sender 2 feeds back the digits and letters 16th thigh. To further improve the security of the verification and to prevent fraud and brute-force cracking, the difficulty of the feedback can be increased further, for example by a predetermined rule under which server 1 requires the sender 2 to feed back specified content. For example, the predetermined rule may require the sender 2 to feed back the 2nd and 4th of the digits or letters displayed in the picture; again taking FIG. 3 as the example, the sender 2 inputs the characters 6 h. Or it may require the digits or letters other than the 6th; taking FIG. 3 as the example, the sender 2 inputs the characters 16th tigh. Or it may require the digits or letters to be fed back in the reverse of the displayed order; again taking FIG. 3 as the example, the feedback is hgiht ht61. In addition, the predetermined rule may also include requiring the sender 2 to feed back the digits or letters that are missing from a numerical or alphabetical sequence, and so on. As can be seen from FIG. 3, the characters are distorted, the digits or letters in the picture do not follow any particular pattern, and the digits or letters are all made up of pixels; in other embodiments, the digits or letters and the other content of the picture are made up of colored pixels of different colors, so the characters cannot be extracted. Data that cannot be extracted and follows no pattern is very hard for computer software to recognize, because software recognition is usually non-intelligent, and irregular problems are hard to program in a rule-based programming language. Artificial intelligence cannot yet be applied maturely in the field of image analysis. Even if a result could be computed with very complex algorithms and computing equipment, the cost would outweigh the gain. Server 1 can therefore use this form of authentication to identify senders that use software to send information on their behalf and prevent them from providing information to the recipient 3.
In addition, the sender 2 of a fixed telephone inputs the authentication information through the telephone keypad according to the predetermined rule. For example, if the voice platform plays a recording that reads out the string "14567", and the predetermined rule is that server 1 requires the sender 2 to feed back all of the characters in the order in which the digits are read out in the audio, the sender should enter 14567 in sequence on the keypad.
In addition, the authentication information may also contain information, set by the recipient 3, that relates to attributes of the recipient 3, for example some simple questions about the recipient's gender, employer and so on. Such information related to the attributes of the recipient 3 can likewise identify senders that use software to send information on their behalf and prevent them from providing information to the recipient 3.
Then, in step S12, server 1 receives the character string fed back by the sender 2. For example, the predetermined rule is that server 1 requires the sender 2 to feed back, in order, all of the characters displayed in the picture, following the order of the letters or digits shown. When the sender 2 is an ordinary individual user, the sender 1 enters 16th thigh in order; when the sender 2 is malware, the sender 2 cannot correctly extract the character-string information, and therefore may feed back a random string or be unable to respond at all.
Then, in step S13, server 1 judges whether the character string fed back by the sender 2 conforms to the predetermined rule. Again taking FIG. 3 as the example, when the predetermined rule is that server 1 requires the sender 2 to feed back, in order, all of the characters displayed in the picture, following the order of the letters or digits shown, and the character string fed back by the sender 2 does not conform to the predetermined rule, the method proceeds to step S14, in which server 1 prevents the transmission information from being provided to the recipient. That is, server 1 judges that the sender is sending by means of automated software and that the content it sends very probably contains spam or harmful information such as viruses, advertisements or fraud, and it therefore prevents this information from being provided to the recipient, protecting the recipient from infection, fraud and the like.
In addition, if the authentication mechanism of server 1 times out while waiting and still has not received the information related to the character string fed back by the sender 2, server 1 considers that the sender is very probably malware, because malware usually cannot recognize the authentication information, and so the sender 2 fails authentication. The authentication mechanism of server 1 then rejects the malware's connection request. The malware is thus unable to make other end users' terminals ring, so the authentication mechanism of server 1 serves to stop malware from initiating malicious ringing on the voice network. Of course, this way of judging from the feedback applies not only to users of voice calls but equally to users of data communication, such as instant messaging and mail communication.
For example, before instant-messaging user A's client sends a virus link to user B, the authentication mechanism of server 1 sends an authentication picture to user A's client. Because A's client cannot automatically recognize the authentication information, authentication ultimately fails, and the authentication mechanism of server 1 prevents user A's client from sending the information containing the virus link to the friend, user B.
In addition, server 1 may further increase the frequency with which it authenticates information sent by user A. After multiple authentication failures, the authentication mechanism of server 1 authenticates every request by user A's client to send information, thereby preventing user A's client from sending the virus link to other users.
Otherwise, when the character string fed back by the sender 2 to server 1 conforms to the predetermined rule, server 1 judges that the sender 2 has passed authentication, and the method proceeds to step S15, in which server 1 allows the transmission information to be provided to the recipient 3.
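The rule check of steps S12 to S15, including the timeout case and the stepped-up challenge frequency after repeated failures, as an added Python example rather than code from the patent. The rule names, the 60-second lifetime, the three-failure limit and the single-use behaviour are assumptions of the example; turning `shown` into a distorted picture or an audio clip is outside its scope.

```python
import hmac
import secrets
import string

ALPHABET = string.ascii_lowercase + string.digits
MAX_FAILURES = 3   # assumed value for "multiple authentication failures"


def expected_answer(shown, rule, positions=()):
    """Apply the predetermined rule to the characters shown.
    Positions are 1-based; whitespace in `shown` is only layout."""
    chars = [c for c in shown if not c.isspace()]
    if any(p < 1 or p > len(chars) for p in positions):
        raise ValueError("position outside the displayed string")
    if rule == "all_in_order":
        picked = chars
    elif rule == "reverse_order":
        picked = chars[::-1]
    elif rule == "only_positions":
        picked = [chars[p - 1] for p in positions]
    elif rule == "all_except_positions":
        picked = [c for i, c in enumerate(chars, 1) if i not in positions]
    else:
        raise ValueError("unknown rule: " + rule)
    return "".join(picked)


class Challenge:
    """One server-generated challenge. Only the rendered picture or audio
    goes to the sender; `shown` and the answer stay on the server."""

    def __init__(self, rule, positions=(), shown=None, issued_at=0.0, ttl=60.0, length=8):
        # Randomly generated by the server unless a fixed string is supplied.
        self.shown = shown or "".join(secrets.choice(ALPHABET) for _ in range(length))
        self.deadline = issued_at + ttl
        self.used = False
        self._answer = expected_answer(self.shown, rule, tuple(positions))

    def verify(self, response, now):
        """Steps S12/S13: True only for the first, timely, rule-conforming reply."""
        first_use, self.used = not self.used, True
        if not first_use or response is None or now > self.deadline:
            return False               # replayed, silent or timed-out sender
        given = "".join(response.split())
        return hmac.compare_digest(given.encode(), self._answer.encode())


class SenderGate:
    """Counts failures per sender and maps a reply to S14 (block) or S15 (deliver)."""

    def __init__(self):
        self.failures = {}

    def handle_reply(self, sender, challenge, response, now):
        if challenge.verify(response, now):
            return "deliver"           # step S15
        self.failures[sender] = self.failures.get(sender, 0) + 1
        return "block"                 # step S14

    def challenge_every_request(self, sender):
        """After repeated failures, every send request is challenged."""
        return self.failures.get(sender, 0) >= MAX_FAILURES


if __name__ == "__main__":
    # "16th thigh" is the string the description reads from FIG. 3.
    for rule, pos in (("all_in_order", ()), ("only_positions", (2, 4)),
                      ("all_except_positions", (6,)), ("reverse_order", ())):
        print(rule, pos, expected_answer("16th thigh", rule, pos))
```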
In the following, a block diagram of an apparatus according to a specific embodiment of the present invention is described in detail with reference to FIG. 4 in conjunction with FIG. 2 and FIG. 3. FIG. 4 shows a block diagram of an apparatus according to a specific embodiment of the present invention.
The processing device 10 is located in server 1. The processing device 10 includes a verification-information-provision judging device 100, a providing device 101, a receiving device 102, a rule-conformity judging device 103, a blocking device 104 and an allowing device 105.
First, the verification-information-provision judging device 100 judges whether verification information needs to be provided to the sender 2, where the verification information includes information related to a set of character strings, and the set of character strings cannot be extracted from the verification information.
The content of this judgment includes:
Scheme 4: Transmission information or a transmission request from the sender 2 has been obtained
The verification-information-provision judging device 100 may judge, as soon as transmission information or a transmission request from the sender 2 is received, that the authentication mechanism needs to be started and authentication information sent to the sender 2 in order to authenticate the sender 2.
i) For example, when the sender 2 is a client that is not easy to upgrade, such as a mobile-phone user or other hardware terminal, the sender 2 sends out the transmission information directly; server 1 then immediately starts the authentication mechanism and sends authentication information to the sender 2 in order to authenticate the sender 2. This implementation suits cases where the client is not easy to upgrade, since the whole authentication operation can be completed on the server 1 side. Of course, this condition for starting authentication applies equally to clients that are easy to upgrade; the specific setting depends on the configuration information of the terminal and the server.
ii) When the sender 2 is a client that is easy to upgrade, such as a software client, the sender 2 first sends signaling requesting to send information to the authentication mechanism, and only after authentication passes can the information be sent into the service network. For example, for a user of instant messaging on a computer user terminal, the sender 2 wishes to send a message to the recipient, so the sender 2 clicks the send button or another key or function key equivalent to the send function, such as the enter key. If the counterpart of the sender 2, that is, the recipient 3, is configured to require the sender 2 to be authenticated, then at this point the transmission information that the sender 2 asked to send has not reached server 1; what actually reaches server 1 is the transmission request of the sender 2. On receiving the transmission request from the sender 2, server 1 immediately provides authentication information to the sender. Authenticating the transmission request from the sender's client, rather than the transmission information, gives a fast response and a good user experience; if authentication fails, the server's authentication mechanism prevents the information from being sent, which stops malicious users from wasting network resources by sending information.
Scheme 5: The address of the sender 2 is not included among the addresses of senders that do not need to be detected
Server 1 may pre-store the addresses of senders that do not need to be detected, that is, a whitelist; these addresses may be provided by the recipient 3 or set by the communication system. After server 1 obtains a transmission request or transmission message from the recipient 2, the transmission request or transmission message generally contains the sender's identification information or address information. The address of the sender 2 includes a mail address (corresponding to a mail sender), an IP address, a MAC address (corresponding to a sender of data-communication information), a port address (corresponding to a voice call), a terminal identifier (including a mobile-phone number, a mobile-phone ID and the like, corresponding to a sender such as a mobile phone), and so on; server 1 can extract this identification or address information from the transmission information or the transmission request. When the sender's address is not included in the list that does not need detection, that is, the whitelist, the verification-information-provision judging device 100 judges that verification information needs to be sent in order to verify the sender 2. For example, a Lucent employee sets the mailboxes of others in the company as mailboxes that do not need detection, e.g. by setting "*@alcatel-lucent.com" as not requiring detection; then, when the verification-information-provision judging device 100 finds a mail address that does not have the @alcatel-lucent.com suffix, server 1 sends verification information to the sender of that mail. As another example, a voice-call user may specify that users in the network segments of certain subnets do not need to be authenticated; then, when the sender 2 of a transmission request or transmission information received by the verification-information-provision judging device 100 does not belong to those network segments, the verification-information-provision judging device 100 judges that authentication information needs to be sent to that sender 2.
Otherwise, the verification-information-provision judging device 100 judges that verification information does not need to be provided to the sender 2, and server 1 allows the transmission information to be provided directly to the recipient. For example, a Lucent employee sets the mailboxes of others in the company as mailboxes that do not need detection, e.g. by setting "*@alcatel-lucent.com" as not requiring detection; then, when server 1 finds a mail address with the @alcatel-lucent.com suffix, server 1 allows the transmission information to be provided directly to the recipient 3. As another example, a voice-call user may specify that users in the network segments of certain subnets do not need to be authenticated; then, when the sender 2 of a transmission request or transmission information received by server 1 belongs to those network segments, server 1 allows the transmission information to be provided directly to the recipient 3.
Scheme 6: The number of times the sender 2 sends the transmission information or the transmission request within a predetermined time period is greater than a predetermined threshold
Instant-messaging users are taken as an example. User A and user B are friends who have already been authenticated. After user A's client is infected with a virus, user A's client (that is, the sender) covertly sends a virus link to user A's other friends. At this point, the authentication mechanism of server 1 detects the abnormal behavior of user A sending a large amount of information in a short time; that is, server 1 detects that the number of times the sender sends the transmission information or the transmission request within a predetermined time period is greater than a predetermined threshold. The verification-information-provision judging device 100 then judges that authentication information needs to be sent to the sender, that is, user A. Those skilled in the art will appreciate that the "predetermined time period" and the "predetermined threshold" may be set by server 1 or by the recipient 3 according to factors such as the configuration of the system and the needs of the user.
Otherwise, for example, if user A and user B are friends who have already been authenticated and server 1 has not detected any abnormality in user A's sending of messages, the verification-information-provision judging device 100 judges that authentication information does not need to be provided to the sender 2, and the allowing device 105 allows the transmission information to be provided directly to user B, that is, the recipient 3.
When the verification-information-provision judging device 100 judges that verification information needs to be provided to the sender 2, the providing device 101 provides the verification information to the sender.
The verification information includes information related to a set of character strings. The information related to the set of character strings includes picture data that displays the set of character strings, and/or audio data that reads out the set of character strings, and/or character strings displayed at different positions on a touch screen.
Preferably, the authentication information is randomly generated by the server and delivered to the sender's client, to enhance the security and reliability of the authentication.
When the sender 2, using a PC client, clicks the send button or another key or function key equivalent to the send function, the providing device 101 displays the authentication information by means of a dialog box or pop-up window that appears on the display screen of the sender 2.
In another embodiment, the sender 2 (that is, the calling party) of a mobile-phone or video call wants to connect to another end user (that is, the recipient 3) through the voice network. When the sender 2, for example malware, sends a request to connect to the recipient 3, the authentication mechanism of server 1 provides authentication request information to the sender 2 that issued the connection request and requires the client of the sender 2 to return authentication information. A picture is then displayed on the mobile phone or videophone, and the sender 2 must enter the authentication information as required and confirm it.
In addition, for the calling party of a fixed telephone, that is, the sender 2, when it wishes to provide information to the called party, that is, the recipient 3, via a switch or router, for example by sending a call request, the providing device 101, for example the voice platform in server 1 in the switch, may also provide authentication information to the calling party 2. The authentication information includes audio data, and the audio data reads out the authentication information of a set of character strings. For example, the voice platform plays a recording that reads out the string "14567".
Then the sender 2 feeds back the corresponding character string according to a predetermined rule defined by server 1 or the recipient 2. For example, if server 1 displays to the sender 2 the authentication information shown in FIG. 3, and the predetermined rule is that server 1 requires the sender 2 to feed back, in order, all of the characters displayed in the picture, following the order of the letters or digits shown, then, according to that rule, the sender 2 feeds back the corresponding digits or letters to server 1; in the example of FIG. 3, the sender 2 feeds back the digits and letters 16th thigh. To further improve the security of the verification and to prevent fraud and brute-force cracking, the difficulty of the feedback can be increased further, for example by a predetermined rule under which server 1 requires the sender 1 to feed back specified content. For example, the predetermined rule may require the sender 2 to feed back the 2nd and 4th of the digits or letters displayed in the picture; again taking FIG. 3 as the example, the sender 2 inputs the characters 6 h. Or it may require the digits or letters other than the 6th; taking FIG. 3 as the example, the sender 2 inputs the characters 16th tigh. Or it may require the digits or letters to be fed back in the reverse of the displayed order; again taking FIG. 3 as the example, the feedback is hgiht ht61. In addition, the predetermined rule may also include requiring the sender 2 to feed back the digits or letters that are missing from a numerical or alphabetical sequence, and so on. As can be seen from FIG. 3, the characters are distorted, the digits or letters in the picture do not follow any particular pattern, and the digits or letters are all made up of pixels; in other embodiments, the digits or letters and the other content of the picture are made up of colored pixels of different colors, so the characters cannot be extracted. Data that cannot be extracted and follows no pattern is very hard for computer software to recognize, because software recognition is usually non-intelligent, and irregular problems are hard to program in a rule-based programming language. Artificial intelligence cannot yet be applied maturely in the field of image analysis. Even if a result could be computed with very complex algorithms and computing equipment, the cost would outweigh the gain. Server 1 can therefore use this form of authentication to identify senders that use software to send information on their behalf and prevent them from providing information to the recipient 3.
In addition, the sender 2 of a fixed telephone inputs the authentication information through the telephone keypad according to the predetermined rule. For example, if the voice platform plays a recording that reads out the string "14567", and the predetermined rule is that server 1 requires the sender 2 to feed back all of the characters in the order in which the digits are read out in the audio, the sender should enter 14567 in sequence on the keypad.
In addition, the authentication information may also contain information, set by the recipient 3, that relates to attributes of the recipient 3, for example some simple questions about the recipient's gender, employer and so on. Such information related to the attributes of the recipient 3 can likewise identify senders that use software to send information on their behalf and prevent them from providing information to the recipient 3.
然后, 接收装置 102接收来自发送方 2所反馈的字符串。 例如, 预 定规则为服务器 1要求发送方 2按照图片中显示的字母或数字的顺序依 次反馈图片中所显示的所有的字符串,当发送方 2是普通的个人用户时 , 则发送方 2按照顺序输入 16th thigh; 而当发送方 2是恶意软件时, 该发 送方 2因为无法正确提取出字符串信息, 因此, 该发送方 2可能随机反 馈一串字符串, 或者无法做出任何响应。  Then, the receiving device 102 receives the character string fed back from the sender 2. For example, the predetermined rule is that the server 1 requests the sender 2 to sequentially feed back all the characters displayed in the picture according to the alphabet or number displayed in the picture. When the sender 2 is an ordinary individual user, the sender 2 follows the order. Input 16th thigh; When sender 2 is malware, the sender 2 cannot correctly extract the string information, so the sender 2 may randomly feed back a string of characters or cannot respond.
然后, 符合规则判断装置 103判断由发送方 2所反馈的字符串是否 符合预定规则: 仍以图 3为例 , 当预定规则是服务器 1要求发送方 2按 照图片中显示的字母或数字的顺序依次反馈图片中所显示的所有的字 符串, 符合规则判断装置 103判断发送方 2所反馈的字符串不符合预定 规则时, 阻止装置 104阻止所述发送信息被提供给接收方, 也即, 服务 器 1判断该发送方采用自动软件进行发送, 其发送的内容很有可能包含 病毒、 广告、 诈骗等垃圾信息或危害信息, 因而认证失败, 从而阻止装 置 104阻止这些信息被提供给接收方, 防止接收方中毒或者被作骗等。 此外, 如果服务器 1的认证机制等待超时, 仍未接收到来自发送 方 2所反馈的字符串的相关信息时, 则符合规则判断装置 103认为该 发送方很有可能是恶意软件, 因为恶意软件通常无法识别出认证信 息, 因此该发送方 2未通过认证。 则服务器 1的认证机制拒绝恶意软 件的连通请求。 恶意软件也就无法让其他终端用户振铃, 因此阻止装 置 104达到阻止恶意软件在语音网络发起恶意振铃的作用。 当然, 通 仅适用于语音通话的用户, 同样也适用于数据通信, 例如即时通信, 邮件通信的用户。 Then, the matching rule judging means 103 judges whether the character string fed back by the sender 2 conforms to the predetermined rule: Still taking FIG. 3 as an example, when the predetermined rule is that the server 1 requests the sender 2 to follow the order of letters or numbers displayed in the picture. When all the character strings displayed in the feedback picture are judged by the rule judging means 103 to judge that the character string fed back by the sender 2 does not conform to the predetermined rule, the blocking means 104 prevents the transmission information from being supplied to the receiving side, that is, the server 1 It is judged that the sender sends the software by using automatic software, and the content sent by the sender is likely to contain spam, advertisement, fraud, and other spam or hazard information, so the authentication fails, thereby preventing the installation. Block 104 prevents this information from being provided to the recipient, preventing the recipient from poisoning or being tricked. In addition, if the authentication mechanism of the server 1 waits for a timeout and has not received the relevant information from the character string fed back by the sender 2, the compliance rule determining means 103 considers that the sender is likely to be malware because the malware usually The authentication information is not recognized, so the sender 2 does not pass the authentication. 
Then the authentication mechanism of the server 1 rejects the connection request of the malware. Malware also fails to ring other end users, thus preventing device 104 from blocking malware from initiating malicious ringing on the voice network. Of course, users who only apply to voice calls are equally applicable to data communications, such as instant messaging, mail communication users.
例如, 即时通信的用户 A客户端将病毒链接发送给用户 B之前, 提供装置 101将认证图片发送给用户 A客户端, 由于 A客户端无法 自动识别认证信息, 符合规则判断装置 103判断最终认证失败, 阻止 装置 104 阻止用户 A客户端将含有病毒链接的信息发送给好友用户 B。  For example, before the user A client of the instant messaging sends the virus link to the user B, the providing device 101 sends the authentication picture to the user A client. Since the A client cannot automatically identify the authentication information, the compliance rule determining device 103 determines that the final authentication fails. The blocking device 104 prevents the user A client from transmitting the information containing the virus link to the friend user B.
此外,服务器 1还可以进一步地提高对用户 A发送信息的认证频 率。 多次认证失败后, 服务器 1的认证机制将对每次用户 A客户端的 发送信息的请求进行认证,从而阻止用户 A的客户端将病毒链接发送 给其他用户。  In addition, the server 1 can further increase the authentication frequency for transmitting information to the user A. After multiple authentication failures, the authentication mechanism of Server 1 will authenticate each request sent by User A client, thereby preventing User A's client from sending virus links to other users.
否则, 当符合规则判断装置 103判断发送方 2向服务器 1所反馈的 字符串符合预定规则时, 则服务器 1判断该发送方 2通过认证, 允许装 置 105允许所述发送信息被提供给接收方 3。  Otherwise, when the matching rule judging means 103 judges that the character string fed back by the sender 2 to the server 1 conforms to the predetermined rule, the server 1 judges that the sender 2 passes the authentication, and allows the device 105 to allow the transmission information to be supplied to the receiver 3 .
此外, 虽然在图 4示出的实施例中, 判断是否需要向发送方 2提供 验证信息以及判断发送方所反馈的字符串是否符合预定规则是分别由 盘整信息提供判断装置 100和符合规则判断装置 103所完成的, 本领域 技术人员可以理解, 上述的判断操作完全可以由一个判断模块完成。 图 中示出分别由两个模块完成的情形仅仅是为了便于描述。  Further, although in the embodiment shown in FIG. 4, it is judged whether or not it is necessary to provide the verification information to the sender 2 and whether or not the character string fed back by the sender conforms to the predetermined rule is respectively the correction information providing judgment means 100 and the compliance rule judging means As can be understood by those skilled in the art, the above-mentioned judging operation can be completely completed by a judging module. The figure shows that the two modules are respectively completed for convenience of description.
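The decision flow described above (whether to challenge, judging the fed-back string against the predetermined rule, the timeout, and per-request authentication after repeated failures), as an added Python example that is not part of the patent. The class and parameter names, the thresholds and the character alphabet are assumptions; the plain string returned as `shown` stands in for the distorted picture or audio recording that the server would actually send.

```python
import hmac
import secrets

ALPHABET = "abcdefghjkmnpqrstuvwxyz23456789"  # constructed; skips look-alike characters

# Predetermined rules from the description: feed back the displayed string in
# order, in reverse order, or with its sixth character left out.
RULES = {
    "in_order": lambda s: s,
    "reverse": lambda s: s[::-1],
    "omit_sixth": lambda s: s[:5] + s[6:],
}


class ChallengeGate:
    """Hypothetical server-side gate; names and defaults are assumptions."""

    def __init__(self, allowlist=(), rate_limit=3, window=60.0, timeout=30.0,
                 max_failures=2):
        self.allowlist = set(allowlist)
        self.rate_limit, self.window = rate_limit, window
        self.timeout, self.max_failures = timeout, max_failures
        self.sent = {}       # sender -> timestamps of recent requests
        self.failures = {}   # sender -> failed authentications so far
        self.pending = {}    # sender -> (expected answer, deadline, buffered message)
        self.delivered = []  # stand-in for handing messages to the receiver

    def needs_challenge(self, sender, now):
        recent = [t for t in self.sent.get(sender, []) if now - t < self.window]
        self.sent[sender] = recent + [now]
        if self.failures.get(sender, 0) >= self.max_failures:
            return True  # escalated: every request is authenticated
        over_rate = len(self.sent[sender]) > self.rate_limit
        return sender not in self.allowlist or over_rate

    def submit(self, sender, message, now):
        """Return ("delivered", None) or ("challenge", (shown, rule))."""
        if not self.needs_challenge(sender, now):
            self.delivered.append((sender, message))
            return "delivered", None
        shown = "".join(secrets.choice(ALPHABET) for _ in range(8))
        rule = secrets.choice(sorted(RULES))
        # The message is buffered, not forwarded, until the answer is judged.
        self.pending[sender] = (RULES[rule](shown), now + self.timeout, message)
        return "challenge", (shown, rule)

    def respond(self, sender, answer, now):
        """Judge the fed-back string; each challenge can be answered once."""
        entry = self.pending.pop(sender, None)
        if entry is None:
            return "blocked"
        expected, deadline, message = entry
        ok = now <= deadline and hmac.compare_digest(
            answer.encode(), expected.encode())
        if ok:
            self.delivered.append((sender, message))
            return "delivered"
        self.failures[sender] = self.failures.get(sender, 0) + 1
        return "blocked"  # buffered message is discarded with the entry
```

Popping the pending entry before judging makes each challenge single-use, so a correct answer cannot be replayed and a late or wrong answer discards the buffered message.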
The embodiments of the present invention have been described above, but the present invention is not limited to specific systems, devices or protocols, and those skilled in the art can make various variations or modifications within the scope of the appended claims.
In the claims, the word "comprising" does not exclude other elements or steps, and the word "a" does not exclude a plurality. In a practical application of the invention, a single component may perform the functions of several technical features recited in the claims. Any reference signs in the claims should not be construed as limiting the scope.

Claims

1. A method for processing information in a server of a communication system, wherein a sender provides transmission information to a receiver, the method comprising the following steps:
- judging whether verification information needs to be provided to the sender, wherein the verification information includes information related to a set of character strings, and the set of character strings cannot be extracted from the verification information;
- when the verification information needs to be provided to the sender, performing the following steps:
i. providing the verification information to the sender;
ii. receiving the character string fed back by the sender;
iii. judging whether the character string fed back by the sender conforms to a predetermined rule:
M. when the fed-back character string does not conform to the predetermined rule, preventing the transmission information from being provided to the receiver;
N. when the fed-back character string conforms to the predetermined rule, allowing the transmission information to be provided to the receiver;
- when the verification information does not need to be provided to the sender, allowing the transmission information to be provided directly to the receiver.
2. The method according to claim 1, wherein verification information needs to be provided to the sender when any one or more of the following are satisfied:
- the transmission information or a transmission request is obtained from the sender, wherein the transmission request is used by the sender to request that the transmission information be sent to the receiver;
- addresses of senders that do not need to be checked are pre-stored in the server, and the address of the sender obtained from the transmission information or the transmission request is not included in the addresses of senders that do not need to be checked;
- the number of times the sender sends the transmission information or sends the transmission request within a predetermined time period is greater than a predetermined threshold.
3. The method according to claim 1 or 2, wherein the fed-back character string does not conform to the predetermined rule when any one or more of the following are satisfied:
- the character string fed back by the sender does not exactly match the character string that needs to be fed back.
4. The method according to claim 2 or 3, wherein, before step M, the method further comprises:
- obtaining the transmission information from the sender;
- buffering the transmission information;
and step M further comprises discarding the transmission information.
5. The method according to any one of claims 1 to 4, wherein the information comprises mail, a short message, instant messaging or a call.
6. The method according to any one of claims 1 to 5, wherein the information related to the set of character strings includes picture data, the picture data displaying the set of character strings; and/or
the information related to the set of character strings includes audio data, the audio data reading out the set of character strings.
7. The method according to any one of claims 1 to 6, wherein the set of character strings is randomly generated by the server.
8. The method according to any one of claims 1 to 7, wherein the server comprises a mail forwarding server, a short message service center or a switch.
9. A processing device for processing information in a server of a communication system, wherein a sender provides transmission information to a receiver, the processing device comprising:
a verification information provision judging device, configured to judge whether verification information needs to be provided to the sender, wherein the verification information includes information related to a set of character strings, and the set of character strings cannot be extracted from the verification information;
- when the verification information needs to be provided to the sender, the processing device further comprises:
a providing device, configured to provide the verification information to the sender;
a receiving device, configured to receive the character string fed back by the sender;
a rule-compliance judging device, configured to judge whether the character string fed back by the sender conforms to a predetermined rule:
a blocking device, configured to prevent the transmission information from being provided to the receiver when the fed-back character string does not conform to the predetermined rule;
an allowing device, configured to allow the transmission information to be provided to the receiver when the fed-back character string conforms to the predetermined rule;
the allowing device is further configured to allow the transmission information to be provided directly to the receiver when the verification information does not need to be provided to the sender.
10. The processing device according to claim 9, wherein verification information needs to be provided to the sender when any one or more of the following are satisfied:
- the transmission information or a transmission request is obtained from the sender, wherein the transmission request is used by the sender to request that the transmission information be sent to the receiver;
- addresses of senders that do not need to be checked are pre-stored in the server, and the address of the sender obtained from the transmission information or the transmission request is not included in the addresses of senders that do not need to be checked;
- the number of times the sender sends the transmission information or sends the transmission request within a predetermined time period is greater than a predetermined threshold.
11. The processing device according to claim 9 or 10, wherein the fed-back character string does not conform to the predetermined rule when any one or more of the following are satisfied:
- the character string fed back by the sender is not received within a predetermined time period;
- the character string fed back by the sender does not exactly match the character string that needs to be fed back.
12. The processing device according to claim 10 or 11, further comprising:
an obtaining device, configured to obtain the transmission information from the sender;
a buffering device, configured to buffer the transmission information;
the blocking device is further configured to discard the transmission information.
13. The processing device according to any one of claims 9 to 12, wherein the information comprises mail, a short message, instant messaging or a call.
14. The processing device according to any one of claims 9 to 13, wherein the information related to the set of character strings includes picture data, the picture data displaying the set of character strings; and/or
the information related to the set of character strings includes audio data, the audio data reading out the set of character strings.
15. The processing device according to any one of claims 9 to 14, wherein the server comprises a mail forwarding server, a short message service center or a switch.
PCT/CN2010/070006 2010-01-04 2010-01-04 Method and apparatus for filtering information WO2011079530A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2010/070006 WO2011079530A1 (en) 2010-01-04 2010-01-04 Method and apparatus for filtering information
CN201080048136.XA CN102598009B (en) 2010-01-04 2010-01-04 A kind of method for filter information and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2010/070006 WO2011079530A1 (en) 2010-01-04 2010-01-04 Method and apparatus for filtering information

Publications (1)

Publication Number Publication Date
WO2011079530A1 true WO2011079530A1 (en) 2011-07-07

Family

ID=44226164

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2010/070006 WO2011079530A1 (en) 2010-01-04 2010-01-04 Method and apparatus for filtering information

Country Status (2)

Country Link
CN (1) CN102598009B (en)
WO (1) WO2011079530A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107181745A (en) * 2017-05-16 2017-09-19 阿里巴巴集团控股有限公司 Malicious messages recognition methods, device, equipment and computer-readable storage medium

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108073804B (en) * 2016-11-14 2022-11-29 百度在线网络技术(北京)有限公司 Risk identification method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1467670A (en) * 2002-06-26 2004-01-14 Spam detector with challenges
CN1573783A (en) * 2003-06-20 2005-02-02 微软公司 Prevention of outgoing spam
CN1744123A (en) * 2005-09-24 2006-03-08 宋剑鸿 Method for filtering group-transmitted rubbish mails
CN1956419A (en) * 2005-10-26 2007-05-02 祝凯 Verification converting method and system for commercial E-mail
CN1968256A (en) * 2005-11-14 2007-05-23 陈晓迪 Junk Email prevention method

Also Published As

Publication number Publication date
CN102598009A (en) 2012-07-18
CN102598009B (en) 2015-11-25

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 201080048136.X

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10840320

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10840320

Country of ref document: EP

Kind code of ref document: A1